/**
 * package: middleware
 * author: zhaiyujin
 * description:
 */
package middleware

import (
	"github.com/kataras/iris/v12"
	"huanteng/web/global/application"

	"huanteng/web/repositories"

	//"huanteng/web/database/seeds"
	"huanteng/web/helpers"
	"strconv"
	"strings"
)

func NotCheckPermissionUrl(url string)bool  {
  urls:=[]string{
  	"/admin/auth/info", //用户信息
	"/admin/auth/editpwd", //编辑密码
	"/admin/menu/all", //所有菜单
	"/admin/role/list", //所有角色

  }
	for _,p:=range urls{
		if url==p {
			return true
		}
	}
	return false



}

func CheckCasbin(ctx iris.Context){
	user_id:=strconv.Itoa(int(application.Uid))
	url:=ctx.Path()
	method:=ctx.Method()
	errs:=NotCheckPermissionUrl(url)
	if errs==true{
		ctx.Next()
		return
	}
	b,err:=repositories.CsbinCheckPermission(user_id,url,strings.ToLower(method))
	if err!=nil{
		ctx.JSON(helpers.FailedMsg(err.Error()))
		return
	}
	if b==false{
		ctx.JSON(helpers.FailedMsg("你没有权限访问该方法"))
		return
	}
	ctx.Next()
}
